GLib vulnerability

2009-10-05T00:00:00
ID USN-841-1
Type ubuntu
Reporter Ubuntu
Modified 2009-10-05T00:00:00

Description

Arand Nash discovered that applications linked to GLib (e.g. Nautilus) did not correctly copy symlinks. If a user copied symlinks with GLib, the symlink target files would become world-writable, allowing local attackers to gain access to potentially sensitive information.